From 804371bf96ecda8a8c50967aae27ca3fbd4b6acb Mon Sep 17 00:00:00 2001 From: martyTF Date: Sat, 11 Apr 2026 17:21:28 +0200 Subject: [PATCH] server and other shit --- configuration.nix | 1 - flake.lock | 60 +++---- home/apps/default.nix | 2 + .../internet/default.nix | 6 +- home/apps/internet/mail.nix | 35 ++++ home/apps/internet/messaging.nix | 47 ++++++ .../internet/zen-browser.nix | 76 +++++---- home/apps/sync/default.nix | 20 +++ home/apps/terminal/kitty.nix | 6 +- home/apps/terminal/ranger.nix | 2 +- home/desktop/shell/noctalia.nix | 28 ++++ home/desktop/window-managers/default.nix | 10 ++ home/desktop/window-managers/hyprland.nix | 8 +- home/desktop/window-managers/niri.nix | 145 ++++++++-------- home/desktop/window-managers/sway.nix | 2 +- .../connectivity/bluetooth/default.nix | 20 --- .../connectivity/internet/librewolf.nix | 21 --- home/modules/connectivity/internet/mail.nix | 34 ---- home/modules/connectivity/internet/rss.nix | 19 --- home/modules/connectivity/internet/tor.nix | 21 --- .../connectivity/social-media/default.nix | 15 -- .../social-media/messaging/default.nix | 31 ---- hosts/marty-pc/custom.nix | 10 ++ hosts/marty-pc/default.nix | 18 +- hosts/marty-pc/home.nix | 26 --- hosts/marty-pc/options.nix | 157 ++++++++++++++++++ hosts/marty-thinkpad/custom.nix | 14 ++ hosts/marty-thinkpad/default.nix | 23 +-- hosts/marty-thinkpad/home.nix | 85 +--------- .../marty-thinkpad/options.nix | 78 +++++++-- modules/apps/audio/default.nix | 1 + modules/apps/default.nix | 2 + modules/apps/development/editor.nix | 12 +- modules/apps/internet/browser.nix | 21 ++- modules/apps/internet/mail.nix | 35 ++++ modules/apps/messaging/default.nix | 26 +++ modules/apps/misc/default.nix | 6 +- modules/apps/sync/default.nix | 14 ++ modules/apps/terminal/kitty.nix | 12 +- modules/apps/video/default.nix | 5 +- modules/default.nix | 1 + modules/desktop/display-manager.nix | 40 ++--- modules/desktop/window-managers/default.nix | 4 + modules/desktop/window-managers/sway.nix | 2 +- modules/server/arr/default.nix | 14 +- modules/server/cloud/default.nix | 13 ++ modules/server/cloud/immich.nix | 70 ++++++++ modules/server/cloud/nextcloud.nix | 93 +++++++++++ modules/server/default.nix | 7 +- modules/server/docker/default.nix | 14 -- modules/server/media/default.nix | 13 ++ modules/server/media/jellyfin.nix | 75 +++++---- modules/server/media/navidrome.nix | 66 ++++++++ modules/server/misc/dawarich.nix | 34 ++++ modules/server/misc/default.nix | 14 ++ modules/server/misc/forgejo.nix | 72 ++++++++ modules/server/misc/lauti.nix | 54 ++++++ modules/server/nginx.nix | 16 +- modules/server/social/default.nix | 13 ++ modules/server/social/gotosocial.nix | 64 +++++++ modules/server/social/synapse.nix | 117 +++++++++++++ modules/system/bluetooth.nix | 13 ++ modules/system/default.nix | 3 +- modules/system/{fira-code.nix => fonts.nix} | 0 modules/system/networking.nix | 81 +++++---- 65 files changed, 1428 insertions(+), 619 deletions(-) rename home/{modules/connectivity => apps}/internet/default.nix (66%) create mode 100644 home/apps/internet/mail.nix create mode 100644 home/apps/internet/messaging.nix rename home/{modules/connectivity => apps}/internet/zen-browser.nix (59%) create mode 100644 home/apps/sync/default.nix delete mode 100644 home/modules/connectivity/bluetooth/default.nix delete mode 100644 home/modules/connectivity/internet/librewolf.nix delete mode 100644 home/modules/connectivity/internet/mail.nix delete mode 100644 home/modules/connectivity/internet/rss.nix delete mode 100644 home/modules/connectivity/internet/tor.nix delete mode 100644 home/modules/connectivity/social-media/default.nix delete mode 100644 home/modules/connectivity/social-media/messaging/default.nix create mode 100644 hosts/marty-pc/options.nix create mode 100644 hosts/marty-thinkpad/custom.nix rename options.nix => hosts/marty-thinkpad/options.nix (68%) create mode 100644 modules/apps/internet/mail.nix create mode 100644 modules/apps/messaging/default.nix create mode 100644 modules/server/cloud/default.nix create mode 100644 modules/server/cloud/immich.nix create mode 100644 modules/server/cloud/nextcloud.nix delete mode 100644 modules/server/docker/default.nix create mode 100644 modules/server/media/default.nix create mode 100644 modules/server/media/navidrome.nix create mode 100644 modules/server/misc/dawarich.nix create mode 100644 modules/server/misc/default.nix create mode 100644 modules/server/misc/forgejo.nix create mode 100644 modules/server/misc/lauti.nix create mode 100644 modules/server/social/default.nix create mode 100644 modules/server/social/gotosocial.nix create mode 100644 modules/server/social/synapse.nix create mode 100644 modules/system/bluetooth.nix rename modules/system/{fira-code.nix => fonts.nix} (100%) diff --git a/configuration.nix b/configuration.nix index f6be3e1..b02b912 100644 --- a/configuration.nix +++ b/configuration.nix @@ -14,7 +14,6 @@ nixpkgs.config.allowUnfree = true; imports = [ ./modules - # ./options.nix ]; environment.pathsToLink = [ diff --git a/flake.lock b/flake.lock index 4bf6ea3..c6b64bb 100644 --- a/flake.lock +++ b/flake.lock @@ -216,11 +216,11 @@ ] }, "locked": { - "lastModified": 1774738535, - "narHash": "sha256-2jfBEZUC67IlnxO5KItFCAd7Oc+1TvyV/jQlR+2ykGQ=", + "lastModified": 1775268934, + "narHash": "sha256-Sa5tW5kYPJornQEkFVD43F/0d4/WP+/GLTNktTFe2qU=", "owner": "nix-community", "repo": "home-manager", - "rev": "769e07ef8f4cf7b1ec3b96ef015abec9bc6b1e2a", + "rev": "9dc93220c1c9a410ef6277d6dc55c571d9e592d0", "type": "github" }, "original": { @@ -304,11 +304,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1774734105, - "narHash": "sha256-kO22x+rIp1SckR3Gi3+Nk0J9AP+kNcEgXikkE8bA04g=", + "lastModified": 1775307976, + "narHash": "sha256-s7tT69WTAX8CdZg1Gr1L4n2W/IgyPCfFXJFllXS5A5g=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "38a7f03cf0e5ee116794a78581634ba3dab508fa", + "rev": "13fec3de9b40dbd075ce0ec5c88ef86117e25443", "type": "github" }, "original": { @@ -586,11 +586,11 @@ "optnix": "optnix" }, "locked": { - "lastModified": 1774427328, - "narHash": "sha256-KtGThScvwNbCm+6XwUKRfpTjJVKV9SHswm29px3m4pw=", + "lastModified": 1775272181, + "narHash": "sha256-9Y3ASONdIdYtTbZCg7Nv+jntkXo9m1VMpxlMvvNhHWI=", "owner": "nix-community", "repo": "nixos-cli", - "rev": "23e7540706eb5271f4ab37b9e52532637d57c63b", + "rev": "14dab96159beab052bf04be41c8e5cd486807042", "type": "github" }, "original": { @@ -664,11 +664,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1772956932, - "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=", + "lastModified": 1774855581, + "narHash": "sha256-YkreHeMgTCYvJ5fESV0YyqQK49bHGe2B51tH6claUh4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "608d0cadfed240589a7eea422407a547ad626a14", + "rev": "15c6719d8c604779cf59e03c245ea61d3d7ab69b", "type": "github" }, "original": { @@ -680,11 +680,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1774386573, - "narHash": "sha256-4hAV26quOxdC6iyG7kYaZcM3VOskcPUrdCQd/nx8obc=", + "lastModified": 1775036866, + "narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "46db2e09e1d3f113a13c0d7b81e2f221c63b8ce9", + "rev": "6201e203d09599479a3b3450ed24fa81537ebc4e", "type": "github" }, "original": { @@ -718,11 +718,11 @@ "noctalia-qs": "noctalia-qs" }, "locked": { - "lastModified": 1774747057, - "narHash": "sha256-D/W/pgyH9+50fMbyh839j3NIOyf9X8VJCKrsMpRnqAI=", + "lastModified": 1775309721, + "narHash": "sha256-yZIMJhv1Jg2I1bsag/chncl4nb/5pkrEKVwpkOqJqpI=", "owner": "noctalia-dev", "repo": "noctalia-shell", - "rev": "3b9e93a8b1e748df9329a97eb8d7ee58d02977da", + "rev": "819b2d33b04b2180b6ef19dab7f86af7d3603a52", "type": "github" }, "original": { @@ -741,11 +741,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1774734782, - "narHash": "sha256-rq/8sJPI8wD4P3CXSyvW/dPuAa+qXGdqzAKM3eunZ+4=", + "lastModified": 1775135550, + "narHash": "sha256-79JP2QTdvp1jg7HGxAW+xzhzhLnlKUi8yGXq9nDCeH0=", "owner": "noctalia-dev", "repo": "noctalia-qs", - "rev": "8e216ba101d761b8a71f359246941d50e22bad3f", + "rev": "e7224b756dcd10eec040df818a4c7a0fda5d6eff", "type": "github" }, "original": { @@ -766,11 +766,11 @@ ] }, "locked": { - "lastModified": 1770000117, - "narHash": "sha256-kZ1eLvCxfN+6RYQdcWUdIf+2WuiNiAfbJq+VetT+kos=", + "lastModified": 1774559664, + "narHash": "sha256-a8FWQZgqaS7o484iH7dFK+F9t7oMahKbcH2piIwUwFc=", "owner": "water-sucks", "repo": "optnix", - "rev": "e3a8a63d8a9dcad01f499b2ece87db3545443f05", + "rev": "853323ece22fb1ffed19cea4ae22804032034a8e", "type": "github" }, "original": { @@ -980,11 +980,11 @@ ] }, "locked": { - "lastModified": 1772660329, - "narHash": "sha256-IjU1FxYqm+VDe5qIOxoW+pISBlGvVApRjiw/Y/ttJzY=", + "lastModified": 1773297127, + "narHash": "sha256-6E/yhXP7Oy/NbXtf1ktzmU8SdVqJQ09HC/48ebEGBpk=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "3710e0e1218041bbad640352a0440114b1e10428", + "rev": "71b125cd05fbfd78cab3e070b73544abe24c5016", "type": "github" }, "original": { @@ -1063,11 +1063,11 @@ ] }, "locked": { - "lastModified": 1774759885, - "narHash": "sha256-Y3D2GnZTO6BhGWeVcO6qUkiO5g0dDL2tmokLVWNC1WY=", + "lastModified": 1775277437, + "narHash": "sha256-zCi04nIBNwTMt8n35w9cBgNUqnyhbjivsGlx6/Qhqug=", "owner": "youwen5", "repo": "zen-browser-flake", - "rev": "16e3f4cd221a030186a96015d82dcb3fb4afa4d6", + "rev": "de6d9094822a8f87fc380d1638f34d6cc6fa68ca", "type": "github" }, "original": { diff --git a/home/apps/default.nix b/home/apps/default.nix index c915cba..11ff8d0 100644 --- a/home/apps/default.nix +++ b/home/apps/default.nix @@ -7,6 +7,8 @@ { imports = [ + ./internet + ./sync ./terminal ]; } diff --git a/home/modules/connectivity/internet/default.nix b/home/apps/internet/default.nix similarity index 66% rename from home/modules/connectivity/internet/default.nix rename to home/apps/internet/default.nix index 3743b9e..9cb9dcc 100644 --- a/home/modules/connectivity/internet/default.nix +++ b/home/apps/internet/default.nix @@ -7,10 +7,8 @@ { imports = [ - ./librewolf.nix - ./zen-browser.nix - ./tor.nix ./mail.nix - ./rss.nix + ./messaging.nix + ./zen-browser.nix ]; } diff --git a/home/apps/internet/mail.nix b/home/apps/internet/mail.nix new file mode 100644 index 0000000..b8a1013 --- /dev/null +++ b/home/apps/internet/mail.nix @@ -0,0 +1,35 @@ +{ + config, + lib, + pkgs, + osConfig, + ... +}: + +{ + programs = { + thunderbird = + if osConfig.apps.internet.mail.enable then + { + enable = true; + profiles."default" = { + isDefault = true; + }; + } + else + { }; + }; + services = { + protonmail-bridge = + if osConfig.apps.internet.mail.providers.protonmail.enable then + { + enable = true; + package = pkgs.protonmail-bridge; + extraPackages = with pkgs; [ + gnome-keyring + ]; + } + else + { }; + }; +} diff --git a/home/apps/internet/messaging.nix b/home/apps/internet/messaging.nix new file mode 100644 index 0000000..8fef772 --- /dev/null +++ b/home/apps/internet/messaging.nix @@ -0,0 +1,47 @@ +{ + config, + lib, + pkgs, + osConfig, + ... +}: + +{ + programs = { + element-desktop = + if osConfig.apps.messaging.element.enable then + { + enable = true; + settings = { + default_server_config = { + "m.homeserver" = { + base_url = + if osConfig.apps.messaging.element.selfhosted then + "https://${osConfig.server.synapse.subdomain}.${osConfig.networking.domain}" + else + "https://matrix-client.matrix.org"; + server_name = + if osConfig.apps.messaging.element.selfhosted then + "${osConfig.server.synapse.subdomain}.${osConfig.networking.domain}" + else + "matrix.org"; + }; + "m.identity_server" = { + base_url = "https://vector.im"; + }; + }; + default_theme = "dark"; + disable_custom_urls = false; + disable_guests = false; + disable_login_language_selector = false; + disable_3pid_login = false; + force_verification = false; + brand = "Element"; + integrations_ui_url = "https://scalar.vector.im/"; + integrations_rest_url = "https://scalar.vector.im/api"; + }; + } + else + { }; + }; +} diff --git a/home/modules/connectivity/internet/zen-browser.nix b/home/apps/internet/zen-browser.nix similarity index 59% rename from home/modules/connectivity/internet/zen-browser.nix rename to home/apps/internet/zen-browser.nix index 57498b6..8df7295 100644 --- a/home/modules/connectivity/internet/zen-browser.nix +++ b/home/apps/internet/zen-browser.nix @@ -3,6 +3,7 @@ lib, pkgs, inputs, + osConfig, ... }: let @@ -58,41 +59,44 @@ let in { - options = { - internet.browsers = { - zen-browser = { - enable = lib.mkEnableOption "enable zen-browser"; - }; - }; - }; - config = lib.mkIf config.internet.browsers.zen-browser.enable { - home.packages = [ - (pkgs.wrapFirefox - inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.zen-browser-unwrapped - { - extraPrefs = lib.concatLines ( - lib.mapAttrsToList ( - name: value: ''lockPref(${lib.strings.toJSON name}, ${lib.strings.toJSON value});'' - ) prefs - ); - extraPolicies = { - DisableTelemetry = true; - ExtensionSettings = builtins.listToAttrs extensions; + config = + if osConfig.apps.internet.browsers.zen-browser.enable then + { + home.packages = [ + (pkgs.wrapFirefox + inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.zen-browser-unwrapped + { + extraPrefs = lib.concatLines ( + lib.mapAttrsToList ( + name: value: "lockPref(${lib.strings.toJSON name}, ${lib.strings.toJSON value});" + ) prefs + ); + extraPolicies = { + DisableTelemetry = true; + ExtensionSettings = builtins.listToAttrs extensions; - SearchEngines = { - Default = "MartyTF's Series of Tubes"; - Add = [ - { - Name = "MartyTF's Series of Tubes"; - URLTemplate = "https://search.marty.tf/?q={searchTerms}"; - IconURL = "https://wiki.nixos.org/favicon.ico"; - Alias = "@sgx"; - } - ]; - }; - }; - } - ) - ]; - }; + SearchEngines = { + Default = "kagi"; + Add = [ + { + Name = "MartyTF's Series of Tubes"; + URLTemplate = "https://search.marty.tf/?q={searchTerms}"; + IconURL = "https://wiki.nixos.org/favicon.ico"; + Alias = "@sgx"; + } + { + Name = "kagi"; + URLTemplate = "https://kagi.com/search?q={searchTerms}"; + IconURL = "https://kagi.com/asset/597c5c3/kagi_assets/logos/search.png?v=679b1c5d38deac3ff084fc704aa36694454572a2"; + Alias = "@k"; + } + ]; + }; + }; + } + ) + ]; + } + else + { }; } diff --git a/home/apps/sync/default.nix b/home/apps/sync/default.nix new file mode 100644 index 0000000..fe757ba --- /dev/null +++ b/home/apps/sync/default.nix @@ -0,0 +1,20 @@ +{ + config, + lib, + pkgs, + osConfig, + ... +}: + +{ + services = { + kdeconnect = { + enable = osConfig.apps.sync.kde-connect.enable; + indicator = osConfig.apps.sync.kde-connect.enable; + }; + nextcloud-client = { + enable = osConfig.apps.sync.nextcloud.enable; + startInBackground = osConfig.apps.sync.nextcloud.enable; + }; + }; +} diff --git a/home/apps/terminal/kitty.nix b/home/apps/terminal/kitty.nix index dc7f5b1..fc75583 100644 --- a/home/apps/terminal/kitty.nix +++ b/home/apps/terminal/kitty.nix @@ -13,9 +13,9 @@ enable = true; enableGitIntegration = true; shellIntegration = { - enableFishIntegration = true; - enableBashIntegration = true; - enableZshIntegration = true; + enableFishIntegration = osConfig.programs.fish.enable; + enableBashIntegration = osConfig.programs.bash.enable; + enableZshIntegration = osConfig.programs.zsh.enable; }; font = { name = "FiraCode Nerd Font"; diff --git a/home/apps/terminal/ranger.nix b/home/apps/terminal/ranger.nix index d6a9253..bd25359 100644 --- a/home/apps/terminal/ranger.nix +++ b/home/apps/terminal/ranger.nix @@ -26,7 +26,7 @@ vcs_backend_git = "enabled"; vcs_msg_length = 50; preview_images = true; - preview_images_method = lib.mkIf config.terminal.kitty.enable "kitty"; + preview_images_method = lib.mkIf osConfig.apps.terminal.kitty.enable "kitty"; preview_files = true; preview_directories = true; collapse_preview = false; diff --git a/home/desktop/shell/noctalia.nix b/home/desktop/shell/noctalia.nix index 38bd638..e4dcc31 100644 --- a/home/desktop/shell/noctalia.nix +++ b/home/desktop/shell/noctalia.nix @@ -20,6 +20,34 @@ if osConfig.desktop.shell.noctalia.enable then { enable = true; + settings = { + bar = { + density = "compact"; + position = "center"; + showCapsule = true; + widgets = { + left = [ + { + id = "ControlCenter"; + useDistroLogo = true; + } + { + id = "Network"; + } + { + id = "Bluetooth"; + } + ]; + center = [ + { + id = "Workspace"; + labelMode = "none"; + hideUnoccupied = false; + } + ]; + }; + }; + }; } else { }; diff --git a/home/desktop/window-managers/default.nix b/home/desktop/window-managers/default.nix index e648214..99b0d8d 100644 --- a/home/desktop/window-managers/default.nix +++ b/home/desktop/window-managers/default.nix @@ -6,6 +6,16 @@ }: { + options = { + desktop.window-managers = { + monitors = { + name = lib.mkOption { + default = ""; + + }; + }; + }; + }; imports = [ ./hyprland.nix ./niri.nix diff --git a/home/desktop/window-managers/hyprland.nix b/home/desktop/window-managers/hyprland.nix index b31ee1b..5fd6a3d 100644 --- a/home/desktop/window-managers/hyprland.nix +++ b/home/desktop/window-managers/hyprland.nix @@ -11,7 +11,6 @@ options = { desktop = { hyprland = { - enable = lib.mkEnableOption "enable hyprland"; monitors = lib.mkOption { default = [ ",preferred,auto,1" @@ -81,12 +80,13 @@ ]; exec-once = [ (lib.mkIf (osConfig.desktop.shell.walker.enable) "elephant") + (lib.mkIf (osConfig.desktop.shell.walker.enable) "walker --gapplication-service") (lib.mkIf (osConfig.desktop.shell.waybar.enable) "waybar") (lib.mkIf (osConfig.desktop.shell.noctalia.enable) "noctalia-shell") (lib.mkIf (osConfig.desktop.shell.noctalia.enable) "noctalia-shell ipc call wallpaper random") (lib.mkIf (osConfig.desktop.shell.swww.enable) "waypaper --restore --random") - (lib.mkIf (osConfig.gaming.steam.enable) "adwaita-steam-gtk -u; steam -silent") - (lib.mkIf (osConfig.internet.mail.providers.protonmail.enable) "protonmail-bridge -n") + (lib.mkIf (osConfig.apps.gaming.steam.enable) "adwaita-steam-gtk -u; steam -silent") + (lib.mkIf (osConfig.apps.internet.mail.providers.protonmail.enable) "protonmail-bridge -n") "echo $HYPRLAND_INSTANCE_SIGNATURE > ~/.config/hypr/instance_signature" ]; "$mod" = "SUPER"; @@ -98,7 +98,7 @@ (lib.mkIf (osConfig.desktop.shell.rofi.enable) "$mod, D, exec, rofi -show drun") "$mod, return, exec, ${osConfig.apps.terminal.binary}" (lib.mkIf (osConfig.desktop.utilities.grimblast.enable) ", print, exec, GRIMBLAST_EDITOR=gradia grimblast edit area") - (lib.mkIf (osConfig.desktop.shell.walker.enable && osConfig.misc.bitwarden.enable) + (lib.mkIf (osConfig.desktop.shell.walker.enable && osConfig.apps.misc.bitwarden.enable) "$mod, B, exec, rbw unlocked || kitty --class kitty-floating -e rbw unlock; selected=$(rbw list | walker -d); wl-copy $(rbw get \"$selected\"); sleep 30; rbw lock" ) "$mod, F, fullscreen, 1" diff --git a/home/desktop/window-managers/niri.nix b/home/desktop/window-managers/niri.nix index 6a20cd7..a7fee7d 100644 --- a/home/desktop/window-managers/niri.nix +++ b/home/desktop/window-managers/niri.nix @@ -17,91 +17,94 @@ in if osConfig.desktop.window-managers.niri.enable then { home.file = { - "~/.config/niri/config.kdl" = '' - input { + "~/.config/niri/config.kdl" = { + target = ".config/niri/config.kdl"; + text = '' + input { - keyboard { - xkb { - layout "${kb-layout}" - } - repeat-delay 600 - repeat-rate 20 - track-layout "global" - } - touchpad { - tap - dwt - accel-profile "flat" - accel-speed 0.0 - scroll-method "two-finger" - + keyboard { + xkb { + layout "${kb-layout}" + } + repeat-delay 600 + repeat-rate 20 + track-layout "global" + } + touchpad { + tap + dwt + accel-profile "flat" + accel-speed 0.0 + scroll-method "two-finger" + - } - mouse { - accel-speed 0.5 - accel-profile "flat" + } + mouse { + accel-speed 0.5 + accel-profile "flat" - } - } + } + } - gestures { - hot-corners { - off - } + gestures { + hot-corners { + off + } - } + } - cursor { - hide-when-typing - hide-after-inactive-ms 2000 - } + cursor { + hide-when-typing + hide-after-inactive-ms 2000 + } - xwayland-satellite { - path "xwayland-satellite" - } + xwayland-satellite { + path "xwayland-satellite" + } - hotkey-overlay { - hide-not-bound - } + hotkey-overlay { + hide-not-bound + } - binds { - ${modifier}+Down cooldown-ms=150 { focus-workspace-down; } - ${modifier}+Up cooldown-ms=150 { focus-workspace-up; } - ${modifier}+${osConfig.keybinds.hotkeys.terminal} { spawn "${osConfig.terminal.binary}";} - ${modifier}+Left {focus-column-left; } - ${modifier}+Right {focus-column-right; } - ${modifier}+${osConfig.keybinds.hotkeys.browser} { spawn "${osConfig.apps.browser.default}";} - ${modifier}+${osConfig.keybinds.hotkeys.launcher} { spawn "${osConfig.desktop.window-managers.shell.launcher.default}";} - Print { screenshot;} - ${modifier}+Shift+${osConfig.keybinds.hotkeys.close-window} { close-window; } - ${modifier}+Shift+${osConfig.keybinds.hotkeys.editor} { spawn "${osConfig.apps.development.editor.default}";} - } + binds { + ${modifier}+Down cooldown-ms=150 { focus-workspace-down; } + ${modifier}+Up cooldown-ms=150 { focus-workspace-up; } + ${modifier}+${osConfig.keybinds.hotkeys.terminal} { spawn "${osConfig.apps.terminal.binary}";} + ${modifier}+Left {focus-column-left; } + ${modifier}+Right {focus-column-right; } + ${modifier}+${osConfig.keybinds.hotkeys.browser} { spawn "${osConfig.apps.internet.browsers.default}";} + ${modifier}+${osConfig.keybinds.hotkeys.launcher} { spawn "${osConfig.desktop.shell.launcher}";} + Print { screenshot;} + ${modifier}+Shift+${osConfig.keybinds.hotkeys.close-window} { close-window; } + ${modifier}+Shift+${osConfig.keybinds.hotkeys.editor} { spawn "${osConfig.apps.development.editor.default}";} + } - spawn-at-startup "elephant" - spawn-at-startup "noctalia-shell" + spawn-at-startup "elephant" + spawn-at-startup "noctalia-shell" + spawn-at-startup "walker --gapplication-service" + + layout { + gaps 20 + focus-ring { + width 5 + } + border { + off + } + } + window-rule { + geometry-corner-radius 20 + clip-to-geometry true + } - layout { - gaps 20 - focus-ring { - width 5 - } - border { - off - } - } - window-rule { - geometry-corner-radius 20 - clip-to-geometry true - } + prefer-no-csd + + include "noctalia.kdl" - prefer-no-csd - - include "noctalia.kdl" - - - ''; + ''; + }; }; } else diff --git a/home/desktop/window-managers/sway.nix b/home/desktop/window-managers/sway.nix index 371f50c..082524d 100644 --- a/home/desktop/window-managers/sway.nix +++ b/home/desktop/window-managers/sway.nix @@ -60,7 +60,7 @@ }; }; defaultWorkspace = "workspace number 1"; - terminal = osConfig.desktop.defaults.terminal.binary; + terminal = osConfig.apps.terminal.binary; }; checkConfig = false; }; diff --git a/home/modules/connectivity/bluetooth/default.nix b/home/modules/connectivity/bluetooth/default.nix deleted file mode 100644 index a3e3df6..0000000 --- a/home/modules/connectivity/bluetooth/default.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - options = { - bluetooth = { - enable = lib.mkEnableOption "enable bluetooth"; - }; - }; - config = lib.mkIf config.bluetooth.enable { - home.packages = with pkgs; [ - bluez - bluetuith - ]; - }; -} diff --git a/home/modules/connectivity/internet/librewolf.nix b/home/modules/connectivity/internet/librewolf.nix deleted file mode 100644 index 744ebba..0000000 --- a/home/modules/connectivity/internet/librewolf.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - options = { - internet.browsers = { - librewolf = { - enable = lib.mkEnableOption "enable librewolf"; - }; - }; - }; - config = lib.mkIf config.internet.browsers.librewolf.enable { - home.packages = with pkgs; [ - librewolf - ]; - }; -} diff --git a/home/modules/connectivity/internet/mail.nix b/home/modules/connectivity/internet/mail.nix deleted file mode 100644 index 6d7db5a..0000000 --- a/home/modules/connectivity/internet/mail.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - options = { - internet = { - mail.enable = lib.mkEnableOption "enable e-mail"; - mail.providers.protonmail.enable = lib.mkEnableOption "enable protonmail"; - }; - }; - config = { - programs = { - thunderbird = lib.mkIf config.internet.mail.enable { - enable = true; - profiles."default" = { - isDefault = true; - }; - }; - }; - services = { - protonmail-bridge = lib.mkIf config.internet.mail.providers.protonmail.enable { - enable = true; - package = pkgs.protonmail-bridge; - extraPackages = with pkgs; [ - gnome-keyring - ]; - }; - }; - }; -} diff --git a/home/modules/connectivity/internet/rss.nix b/home/modules/connectivity/internet/rss.nix deleted file mode 100644 index 078fba3..0000000 --- a/home/modules/connectivity/internet/rss.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - options = { - internet = { - rss.enable = lib.mkEnableOption "enable rss"; - }; - }; - config = { - home.packages = with pkgs; [ - (lib.mkIf (config.internet.rss.enable) newsflash) - ]; - }; -} diff --git a/home/modules/connectivity/internet/tor.nix b/home/modules/connectivity/internet/tor.nix deleted file mode 100644 index 8573673..0000000 --- a/home/modules/connectivity/internet/tor.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - options = { - internet = { - tor.enable = lib.mkEnableOption "enable tor"; - browsers.tor-browser.enable = lib.mkEnableOption "enable tor-browser"; - }; - }; - config = { - home.packages = with pkgs; [ - (lib.mkIf (config.internet.browsers.tor-browser.enable) tor-browser) - (lib.mkIf (config.internet.tor.enable) oniux) - ]; - }; -} diff --git a/home/modules/connectivity/social-media/default.nix b/home/modules/connectivity/social-media/default.nix deleted file mode 100644 index 697b07c..0000000 --- a/home/modules/connectivity/social-media/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - imports = [ - ./messaging - ]; - home.packages = with pkgs; [ - fedistar - ]; -} diff --git a/home/modules/connectivity/social-media/messaging/default.nix b/home/modules/connectivity/social-media/messaging/default.nix deleted file mode 100644 index d31259d..0000000 --- a/home/modules/connectivity/social-media/messaging/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - options = { - messaging = { - enable = lib.mkEnableOption "enable all messaging"; - element.enable = lib.mkEnableOption "enable element"; - signal.enable = lib.mkEnableOption "enable signal"; - }; - }; - - config = { - messaging = lib.mkIf config.messaging.enable { - element.enable = lib.mkDefault true; - signal.enable = lib.mkDefault true; - }; - home.packages = with pkgs; [ - (lib.mkIf (config.messaging.signal.enable) signal-desktop) - ]; - programs = { - element-desktop = lib.mkIf config.messaging.element.enable { - enable = true; - }; - }; - }; -} diff --git a/hosts/marty-pc/custom.nix b/hosts/marty-pc/custom.nix index 1cc7547..a5e39dc 100644 --- a/hosts/marty-pc/custom.nix +++ b/hosts/marty-pc/custom.nix @@ -6,6 +6,16 @@ }: { + networking = { + interfaces = { + enp42s0 = { + wakeOnLan = { + enable = true; + policy = [ "magic" ]; + }; + }; + }; + }; services.flatpak.enable = true; virtualisation.docker.enable = true; security.polkit = { diff --git a/hosts/marty-pc/default.nix b/hosts/marty-pc/default.nix index 07c2bbc..1f4eb8b 100644 --- a/hosts/marty-pc/default.nix +++ b/hosts/marty-pc/default.nix @@ -8,33 +8,19 @@ ... }: -let - hostname = "marty-pc"; -in - { - networking = { - hostName = hostname; - interfaces = { - enp42s0 = { - wakeOnLan = { - enable = true; - policy = [ "magic" ]; - }; - }; - }; - }; home-manager = { extraSpecialArgs = { inherit inputs; }; useGlobalPkgs = true; useUserPackages = true; users = { - marty = import ./home.nix; + "${config.user.userName}" = import ./home.nix; }; }; imports = [ ./hardware.nix ./custom.nix + ./options.nix ]; system.stateVersion = "25.05"; # Did you read the comment? } diff --git a/hosts/marty-pc/home.nix b/hosts/marty-pc/home.nix index 13c06ff..a4a37ec 100644 --- a/hosts/marty-pc/home.nix +++ b/hosts/marty-pc/home.nix @@ -13,32 +13,6 @@ home.homeDirectory = "/home/${osConfig.user.userName}"; home.stateVersion = "25.11"; - desktop = { - hyprland = { - enable = true; - numlock = true; - monitors = [ - "desc:AOC Q27G2WG4 0x00005F45, 2560x1440@144, 3840x0, 1 # main monitor" - "desc:Samsung Electric Company S24D330 0x5A5A5131, 1920x1080@60, 3840x1440, 1 # side monitor" - "desc:Panasonic Industry Company Panasonic-TV, 3840x2160@30, 0x0, 1 # tv" - "desc:Valve Corporation Index HMD 0x3DEBE38D, preffered, auto, 1" - ]; - workspaces.workspaces = [ - - "1, monitor:DP-1, persistent:true" - "2, monitor:DP-1, persistent:true" - "3, monitor:DP-1, persistent:true" - "4, monitor:DP-1, persistent:true" - "5, monitor:HDMI-A-1, persistent:true" - "6, monitor:HDMI-A-1, persistent:true" - "7, monitor:HDMI-A-1, persistent:true" - "8, monitor:HDMI-A-1, persistent:true" - "9, monitor:DP-3, persistent:true" - "special:magic" - ]; - }; - }; - imports = [ ./../../home ]; diff --git a/hosts/marty-pc/options.nix b/hosts/marty-pc/options.nix new file mode 100644 index 0000000..9f6c7a6 --- /dev/null +++ b/hosts/marty-pc/options.nix @@ -0,0 +1,157 @@ +{ + config, + pkgs, + lib, + ... +}: + +{ + config = { + user = { + userName = "marty"; + shell = pkgs.fish; + }; + system = { + timezone = "Europe/Berlin"; + language = "en_GB.UTF-8"; + locale = "de_DE.UTF-8"; + hostname = "marty-pc"; + }; + apps = { + audio = { + base.enable = true; + media.enable = true; + editing.enable = true; + }; + development = { + editor = { + vscodium.enable = true; + emacs.enable = true; + default = "vscodium"; + }; + languages = { + python.enable = true; + }; + godot.enable = true; + }; + gaming = { + enable = true; + steam.enable = true; + minecraft.enable = true; + }; + image = { + base.enable = true; + editing.enable = true; + }; + internet = { + browsers = { + zen-browser.enable = true; + tor-browser.enable = true; + default = "zen"; + }; + mail = { + enable = true; + providers = { + protonmail.enable = true; + }; + }; + }; + messaging = { + signal.enable = true; + element = { + enable = true; + selfhosted = true; + }; + }; + misc = { + obsidian.enable = true; + bitwarden.enable = true; + blender.enable = true; + }; + sync = { + kde-connect.enable = true; + nextcloud.enable = true; + syncthing = { + devices = { + marty-pc = { + id = "6PJZD52-EEWIO7U-MZMJJ5B-33DGNSU-O7DJVRT-GAE7QZG-ZY3VIMV-VSMBDQP"; + autoAcceptFolder = true; + }; + marty-server = { + id = "UDMXEKZ-HYIFI5S-VAKE75O-K3C65QV-LS43QA5-3JTHWKL-CI5C3Y6-P4NSQQM"; + autoAcceptFolders = true; + }; + marty-latitude = { + id = "SOAWHKA-BCQGO5G-IJ24WTO-RDETP5M-LNTVO66-MHIOUU2-NNQ57P6-FFKNSA6"; + autoAcceptFolders = true; + }; + marty-thinkpad = { + id = "NWHFQSW-FOBGFLV-YMZR77Q-KNRR3YC-4C6PKXT-TTPDCOL-CDB6QX4-3QJE2AN"; + autoAcceptFolders = true; + }; + marty-pixel = { + id = "GSBXOGW-6SYLDUQ-HPH7FBJ-CKHWQIK-K5YORB4-CYKGYT6-DLCVSAK-LA2RMAK"; + autoAcceptFolders = true; + }; + marty-fairphone = { + id = "2ISVWQV-4USY5IA-2OU55CE-Q7VLPD7-4RVQ5WX-FXQSJMY-2ES4EZG-IGFB7QG"; + autoAcceptFolders = true; + }; + }; + }; + }; + terminal = { + kitty = { + enable = true; + }; + default = "kitty"; + tui = { + ranger.enable = true; + }; + toys = true; + }; + video = { + base.enable = true; + media.enable = true; + editing.enable = true; + }; + }; + desktop = { + window-managers = { + hyprland = { + enable = true; + }; + niri = { + enable = true; + }; + sway = { + enable = true; + }; + }; + shell = { + noctalia = { + enable = true; + }; + swww = { + enable = false; + }; + walker = { + enable = true; + }; + waybar = { + enable = false; + }; + }; + utilities = { + grimblast = { + enable = true; + }; + }; + }; + server = { + synapse = { + subdomain = "yap"; + }; + }; + }; +} diff --git a/hosts/marty-thinkpad/custom.nix b/hosts/marty-thinkpad/custom.nix new file mode 100644 index 0000000..2b3e6ad --- /dev/null +++ b/hosts/marty-thinkpad/custom.nix @@ -0,0 +1,14 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + services.flatpak.enable = true; + + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.nvidia.modesetting.enable = true; + hardware.nvidia.open = true; +} diff --git a/hosts/marty-thinkpad/default.nix b/hosts/marty-thinkpad/default.nix index fa0b0ae..d49452e 100644 --- a/hosts/marty-thinkpad/default.nix +++ b/hosts/marty-thinkpad/default.nix @@ -8,37 +8,20 @@ }: { - networking = { - hostName = "marty-thinkpad"; - }; - home-manager = { extraSpecialArgs = { inherit inputs; }; useGlobalPkgs = true; useUserPackages = true; users = { - marty = import ./home.nix; + "${config.user.userName}" = import ./home.nix; }; }; - main-user = { - userName = "marty"; - shell = pkgs.fish; - }; - imports = [ ./hardware.nix - # ../../modules/server/nginx.nix + ./custom.nix + ./options.nix ]; - desktop.niri.enable = true; - - programs = { - light.enable = true; - }; - services.flatpak.enable = true; - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.nvidia.modesetting.enable = true; - hardware.nvidia.open = true; system.stateVersion = "24.11"; # Did you read the comment? } diff --git a/hosts/marty-thinkpad/home.nix b/hosts/marty-thinkpad/home.nix index 34f7e05..169b4a1 100644 --- a/hosts/marty-thinkpad/home.nix +++ b/hosts/marty-thinkpad/home.nix @@ -3,95 +3,18 @@ pkgs, inputs, lib, + osConfig, ... }: { - # Home Manager needs a bit of information about you and the paths it should - # manage. - home.username = "marty"; - home.homeDirectory = "/home/marty"; - # This value determines the Home Manager release that your configuration is - # compatible with. This helps avoid breakage when a new Home Manager release - # introduces backwards incompatible changes. - # - # You should not change this value, even if you update Home Manager. If you do - # want to update the value, then make sure to first check the Home Manager - # release notes. - home.stateVersion = "24.11"; # Please read the comment before changing. - - # The home.packages option allows you to install Nix packages into your - # environment. - - programs.fish.enable = true; - - home.packages = with pkgs; [ - # # Adds the 'hello' command to your environment. It prints a friendly - # # "Hello, world!" when run. - # hello - - # # It is sometimes useful to fine-tune packages, for example, by applying - # # overrides. You can do that directly here, just don't forget the - # # parentheses. Maybe you want to install Nerd Fonts with a limited number of - # # fonts? - # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) - - # # You can also create simple shell scripts directly inside your - # # configuration. For example, this adds a command 'my-hello' to your - # # environment: - # (pkgs.writeShellScriptBin "my-hello" '' - # echo "Hello, ${config.home.username}!" - # '') - ]; - - # Home Manager is pretty good at managing dotfiles. The primary way to manage - # plain files is through 'home.file'. - home.file = { - # # Building this configuration will create a copy of 'dotfiles/screenrc' in - # # the Nix store. Activating the configuration will then make '~/.screenrc' a - # # symlink to the Nix store copy. - # ".screenrc".source = dotfiles/screenrc; - - # # You can also set the file content immediately. - # ".gradle/gradle.properties".text = '' - # org.gradle.console=verbose - # org.gradle.daemon.idletimeout=3600000 - # ''; - }; - - # Home Manager can also manage your environment variables through - # 'home.sessionVariables'. These will be explicitly sourced when using a - # shell provided by Home Manager. If you don't want to manage your shell - # through Home Manager then you have to manually source 'hm-session-vars.sh' - # located at either - # - # ~/.nix-profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # /etc/profiles/per-user/marty/etc/profile.d/hm-session-vars.sh - # - - device.type.laptop = true; - - desktop.hyprland = { - monitors = [ - "desc:AU Optronics 0x313E,1600x900@60,0x0,1" - ]; - }; + home.username = osConfig.user.userName; + home.homeDirectory = "/home/${osConfig.user.userName}"; + home.stateVersion = "24.11"; imports = [ - inputs.walker.homeManagerModules.default - inputs.noctalia.homeModules.default - ./../../modules ./../../home - ]; - # Let Home Manager install and manage itself. programs.home-manager.enable = true; } diff --git a/options.nix b/hosts/marty-thinkpad/options.nix similarity index 68% rename from options.nix rename to hosts/marty-thinkpad/options.nix index 1e7f5b7..a8fb007 100644 --- a/options.nix +++ b/hosts/marty-thinkpad/options.nix @@ -6,9 +6,6 @@ }: { - options = { - - }; config = { user = { userName = "marty"; @@ -18,6 +15,7 @@ timezone = "Europe/Berlin"; language = "en_GB.UTF-8"; locale = "de_DE.UTF-8"; + hostname = "marty-thinkpad"; }; apps = { audio = { @@ -25,26 +23,54 @@ media.enable = true; editing.enable = true; }; - video = { - base.enable = true; - media.enable = true; - editing.enable = true; + development = { + editor = { + vscodium.enable = true; + emacs.enable = true; + default = "vscodium"; + }; + languages = { + python.enable = true; + }; + godot.enable = true; + }; + gaming = { + enable = true; + steam.enable = true; + minecraft.enable = true; }; image = { base.enable = true; editing.enable = true; }; - gaming = { - steam.enable = true; - }; - terminal = { - kitty = { - enable = true; + internet = { + browsers = { + zen-browser.enable = true; + tor-browser.enable = true; + default = "zen"; }; - default = "kitty"; - toys = true; + mail = { + enable = true; + providers = { + protonmail.enable = true; + }; + }; + }; + messaging = { + signal.enable = true; + element = { + enable = true; + selfhosted = true; + }; + }; + misc = { + obsidian.enable = true; + bitwarden.enable = true; + blender.enable = true; }; sync = { + kde-connect.enable = true; + nextcloud.enable = true; syncthing = { devices = { marty-pc = { @@ -74,11 +100,26 @@ }; }; }; + terminal = { + kitty = { + enable = true; + }; + default = "kitty"; + tui = { + ranger.enable = true; + }; + toys = true; + }; + video = { + base.enable = true; + media.enable = true; + editing.enable = true; + }; }; desktop = { window-managers = { hyprland = { - enable = true; + enable = false; }; niri = { enable = true; @@ -107,5 +148,10 @@ }; }; }; + server = { + synapse = { + subdomain = "yap"; + }; + }; }; } diff --git a/modules/apps/audio/default.nix b/modules/apps/audio/default.nix index bf6549b..cb7ed8d 100644 --- a/modules/apps/audio/default.nix +++ b/modules/apps/audio/default.nix @@ -24,6 +24,7 @@ [ pavucontrol playerctl + streamrip ] else [ ] diff --git a/modules/apps/default.nix b/modules/apps/default.nix index d9fd732..df4be30 100644 --- a/modules/apps/default.nix +++ b/modules/apps/default.nix @@ -11,6 +11,8 @@ ./development ./gaming ./image + ./internet + ./messaging ./misc ./peripherals ./video diff --git a/modules/apps/development/editor.nix b/modules/apps/development/editor.nix index f030ed0..5187f49 100644 --- a/modules/apps/development/editor.nix +++ b/modules/apps/development/editor.nix @@ -7,7 +7,7 @@ { options = { - development = { + apps.development = { editor = { vscodium.enable = lib.mkEnableOption "enable vscodium"; emacs.enable = lib.mkEnableOption "enable emacs"; @@ -25,15 +25,15 @@ [ nixfmt ] - ++ (if config.development.editor.vscodium.enable then [ vscodium ] else [ ]); + ++ (if config.apps.development.editor.vscodium.enable then [ vscodium ] else [ ]); programs = { vscode = - if config.development.editor.vscodium.enable then + if config.apps.development.editor.vscodium.enable then { enable = true; package = pkgs.vscodium; - defaultEditor = if (config.development.editor.default == "vscodium") then true else false; + defaultEditor = if (config.apps.development.editor.default == "vscodium") then true else false; # profiles.default.extensions = with pkgs.vscode-extensions; [ # catppuccin.catppuccin-vsc # catppuccin.catppuccin-vsc-icons @@ -51,11 +51,11 @@ }; services = { emacs = - if config.development.editor.emacs.enable then + if config.apps.development.editor.emacs.enable then { enable = true; install = true; - defaultEditor = if (config.development.editor.default == "emacs") then true else false; + defaultEditor = if (config.apps.development.editor.default == "emacs") then true else false; } else { }; diff --git a/modules/apps/internet/browser.nix b/modules/apps/internet/browser.nix index 9f2b534..85e0c5c 100644 --- a/modules/apps/internet/browser.nix +++ b/modules/apps/internet/browser.nix @@ -2,6 +2,7 @@ config, lib, pkgs, + inputs, ... }: @@ -10,13 +11,25 @@ apps.internet.browsers = { zen-browser = { enable = lib.mkEnableOption "enable zen browser"; - package = inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.default; - binary = "${config.apps.internet.browsers.zen-browser.package}/bin/zen"; + package = lib.mkOption { + default = inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.default; + description = "zen browser package"; + }; + binary = lib.mkOption { + default = "${config.apps.internet.browsers.zen-browser.package}/bin/zen"; + description = "zen browser binary"; + }; }; tor-browser = { enable = lib.mkEnableOption "enable tor browser"; - package = pkgs.tor-browser; - binary = "${config.apps.internet.browsers.tor-browser.package}/bin/tor-browser"; + package = lib.mkOption { + default = pkgs.tor-browser; + description = "zen browser package"; + }; + binary = lib.mkOption { + default = "${config.apps.internet.browsers.tor-browser.package}/bin/tor-browser"; + description = "zen browser binary"; + }; }; default = lib.mkOption { default = "zen"; diff --git a/modules/apps/internet/mail.nix b/modules/apps/internet/mail.nix new file mode 100644 index 0000000..4b100d3 --- /dev/null +++ b/modules/apps/internet/mail.nix @@ -0,0 +1,35 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options = { + apps.internet = { + mail.enable = lib.mkEnableOption "enable e-mail"; + mail.providers.protonmail.enable = lib.mkEnableOption "enable protonmail"; + }; + }; + config = { + programs = { + thunderbird = + if config.apps.internet.mail.enable then + { + enable = true; + } + else + { }; + }; + services = { + protonmail-bridge = + if config.apps.internet.mail.providers.protonmail.enable then + { + enable = true; + } + else + { }; + }; + }; +} diff --git a/modules/apps/messaging/default.nix b/modules/apps/messaging/default.nix new file mode 100644 index 0000000..06519c9 --- /dev/null +++ b/modules/apps/messaging/default.nix @@ -0,0 +1,26 @@ +{ + config, + lib, + pkgs, + inputs, + ... +}: + +{ + options = { + apps.messaging = { + signal.enable = lib.mkEnableOption "enable signal"; + element = { + enable = lib.mkEnableOption "enable element"; + selfhosted = lib.mkEnableOption "selfhosted matrix server?"; + }; + }; + }; + config = { + environment.systemPackages = + with pkgs; + [ ] + ++ (if config.apps.messaging.element.enable then [ element-desktop ] else [ ]) + ++ (if config.apps.messaging.signal.enable then [ signal-desktop ] else [ ]); + }; +} diff --git a/modules/apps/misc/default.nix b/modules/apps/misc/default.nix index d31ab39..7610d39 100644 --- a/modules/apps/misc/default.nix +++ b/modules/apps/misc/default.nix @@ -33,11 +33,13 @@ ++ ( if (config.apps.misc.bitwarden.enable) then - [ rbw ] + [ + rbw + pinentry-curses + ] ++ ( if (config.desktop.shell.rofi.enable) then [ - pinentry-curses rofi-rbw ] else diff --git a/modules/apps/sync/default.nix b/modules/apps/sync/default.nix index e1aca06..7dcef03 100644 --- a/modules/apps/sync/default.nix +++ b/modules/apps/sync/default.nix @@ -12,6 +12,9 @@ kde-connect = { enable = lib.mkEnableOption "enable kde-connect"; }; + nextcloud = { + enable = lib.mkEnableOption "enable nextcloud client"; + }; syncthing = { enable = lib.mkEnableOption "enable syncthing"; devices = lib.mkOption { @@ -30,6 +33,17 @@ }; }; config = { + environment.systemPackages = + with pkgs; + [ ] + ++ ( + if config.apps.sync.nextcloud.enable then + [ + nextcloud-client + ] + else + [ ] + ); programs = { kdeconnect = if config.apps.sync.kde-connect.enable then diff --git a/modules/apps/terminal/kitty.nix b/modules/apps/terminal/kitty.nix index 084272a..1e56ab1 100644 --- a/modules/apps/terminal/kitty.nix +++ b/modules/apps/terminal/kitty.nix @@ -14,14 +14,10 @@ }; config = { - # apps.terminal = - # if (config.apps.terminal.default == "kitty") then - # { - # package = pkgs.kitty; - # binary = "${pkgs.kitty}/bin/kitty"; - # } - # else - # { }; + apps.terminal = { + package = pkgs.kitty; + binary = "${pkgs.kitty}/bin/kitty"; + }; environment.systemPackages = with pkgs; [ ] diff --git a/modules/apps/video/default.nix b/modules/apps/video/default.nix index b7218f1..7ce7168 100644 --- a/modules/apps/video/default.nix +++ b/modules/apps/video/default.nix @@ -22,7 +22,10 @@ ++ ( if config.apps.video.base.enable then - [ mpv ] + [ + mpv + yt-dlp + ] else [ ] ) diff --git a/modules/default.nix b/modules/default.nix index 9c74e04..552c0d1 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -9,6 +9,7 @@ imports = [ ./apps ./desktop + ./server ./system ./user ]; diff --git a/modules/desktop/display-manager.nix b/modules/desktop/display-manager.nix index b2c114d..19e0364 100644 --- a/modules/desktop/display-manager.nix +++ b/modules/desktop/display-manager.nix @@ -29,35 +29,35 @@ }; programs = { uwsm = { - waylandCompositors = { - hyprland = - if config.desktop.window-managers.hyprland.enable then - { + enable = true; + waylandCompositors = + if config.desktop.window-managers.hyprland.enable then + { + hyprland = { prettyName = "Hyprland"; comment = "Hyprland"; binPath = "${config.programs.hyprland.package}/bin/start-hyprland"; - } - else - { }; - sway = - if config.desktop.window-managers.sway.enable then - { + }; + } + else if config.desktop.window-managers.sway.enable then + { + sway = { prettyName = "Sway"; comment = "Sway"; binPath = "${config.programs.sway.package}/bin/sway --session"; - } - else - { }; - niri = - if config.desktop.window-managers.niri.enable then - { + }; + } + else if config.desktop.window-managers.niri.enable then + + { + niri = { prettyName = "Niri"; comment = "Niri"; binPath = "${config.programs.niri.package}/bin/niri-session"; - } - else - { }; - }; + }; + } + else + { }; }; }; xdg.portal.enable = true; diff --git a/modules/desktop/window-managers/default.nix b/modules/desktop/window-managers/default.nix index 0b3749b..51463b9 100644 --- a/modules/desktop/window-managers/default.nix +++ b/modules/desktop/window-managers/default.nix @@ -29,6 +29,10 @@ default = "E"; description = "editor hotkey"; }; + close-window = lib.mkOption { + default = "Q"; + description = "close window hotkey"; + }; }; }; }; diff --git a/modules/desktop/window-managers/sway.nix b/modules/desktop/window-managers/sway.nix index e4d4a34..729ad11 100644 --- a/modules/desktop/window-managers/sway.nix +++ b/modules/desktop/window-managers/sway.nix @@ -19,7 +19,7 @@ { enable = true; wrapperFeatures.gtk = true; - package = null; + package = pkgs.swayfx; } else { }; diff --git a/modules/server/arr/default.nix b/modules/server/arr/default.nix index 94191a7..bfd964e 100644 --- a/modules/server/arr/default.nix +++ b/modules/server/arr/default.nix @@ -42,13 +42,13 @@ default = 8088; }; password = lib.mkOption { - default = "EO3HgIK+QJNQN53efrF6zQ==:Ju6k++dsM4pLLgYjP9sLbUWOiNuQMrUH/g6QArdtKXzYisuzaR+XeJL4hEC9Zo3ekVa8EVnPnQu/mJoHxxkLOA=="; - } + default = ""; + }; }; }; }; config = { - config.server.arr = lib.mkIf config.server.arr.enable { + server.arr = lib.mkIf config.server.arr.enable { prowlarr.enable = lib.mkDefault true; radarr.enable = lib.mkDefault true; sonarr.enable = lib.mkDefault true; @@ -58,28 +58,28 @@ services = { prowlarr = lib.mkIf config.server.arr.prowlarr.enable { enable = true; - server = { + settings.server = { bindaddress = "0.0.0.0"; port = config.server.arr.prowlarr.port; }; }; radarr = lib.mkIf config.server.arr.radarr.enable { enable = true; - server = { + settings.server = { bindaddress = "0.0.0.0"; port = config.server.arr.radarr.port; }; }; sonarr = lib.mkIf config.server.arr.sonarr.enable { enable = true; - server = { + settings.server = { bindaddress = "0.0.0.0"; port = config.server.arr.sonarr.port; }; }; lidarr = lib.mkIf config.server.arr.lidarr.enable { enable = true; - server = { + settings.server = { bindaddress = "0.0.0.0"; port = config.server.arr.lidarr.port; }; diff --git a/modules/server/cloud/default.nix b/modules/server/cloud/default.nix new file mode 100644 index 0000000..45fc504 --- /dev/null +++ b/modules/server/cloud/default.nix @@ -0,0 +1,13 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + imports = [ + ./immich.nix + ./nextcloud.nix + ]; +} diff --git a/modules/server/cloud/immich.nix b/modules/server/cloud/immich.nix new file mode 100644 index 0000000..88dfdf6 --- /dev/null +++ b/modules/server/cloud/immich.nix @@ -0,0 +1,70 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options = { + server.cloud.immich = { + enable = lib.mkEnableOption "enable immich"; + port = lib.mkOption { + default = 2283; + description = "immich port"; + }; + public = lib.mkEnableOption "public immich"; + subdomain = lib.mkOption { + default = "photos"; + description = "immich subdomain"; + }; + }; + }; + config = { + users = + if config.server.cloud.immich.enable then + { + users.immich = { + isSystemUser = true; + createHome = true; + home = "/var/lib/immich"; + group = "immich"; + extraGroups = [ + "video" + "render" + ]; + }; + groups.immich = { }; + } + else + { }; + services = { + immich = { + enable = config.server.cloud.immich.enable; + port = config.server.cloud.immich.port; + host = "127.0.0.1"; + machine-learning = { + enable = true; + environment = { + MACHINE_LEARNING_MODEL_TTL = "600"; + MACHINE_LEARNING_REQUEST_THREADS = "4"; + MACHINE_LEARNING_MODEL_INTER_OP_THREADS = "2"; + }; + }; + }; + nginx = + if config.server.cloud.immich.enable && config.server.cloud.immich.public then + { + virtualHosts."${config.server.cloud.immich.subdomain}.${config.networking.domain}" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.server.cloud.immich.port}"; + }; + }; + } + else + { }; + }; + }; +} diff --git a/modules/server/cloud/nextcloud.nix b/modules/server/cloud/nextcloud.nix new file mode 100644 index 0000000..5977065 --- /dev/null +++ b/modules/server/cloud/nextcloud.nix @@ -0,0 +1,93 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options = { + server.cloud.nextcloud = { + enable = lib.mkEnableOption "enable nextcloud"; + port = lib.mkOption { + default = 8009; + description = "nextcloud port"; + }; + public = lib.mkEnableOption "make nextcloud public"; + subdomain = lib.mkOption { + default = "nextcloud"; + description = "nextcloud subdomain"; + }; + }; + }; + config = { + services = { + nextcloud = { + enable = config.server.cloud.nextcloud.enable; + configureRedis = true; + package = pkgs.nextcloud33; + hostName = "nextcloud-net"; + config = { + dbtype = "pgsql"; + dbuser = "nextcloud"; + dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself + dbname = "nextcloud"; + adminpassFile = "/home/marty/secrets/nextcloud"; + adminuser = "admin"; + }; + settings = { + trusted_proxies = [ + "localhost" + "127.0.0.1" + "${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}" + config.networking.hostName + ]; + trusted_domains = [ + "${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}" + config.networking.hostName + ]; + skeletondirectory = ""; + preview_ffmpeg_path = "${pkgs.ffmpeg}/bin/ffmpeg"; + log_type = "file"; + logfile = "nextcloud.log"; + loglevel = 0; + }; + }; + postgresql = { + enable = true; + ensureDatabases = [ "nextcloud" ]; + ensureUsers = [ + { + name = "nextcloud"; + ensureDBOwnership = true; + } + ]; + }; + nginx = { + virtualHosts = { + "nextcloud-net".listen = [ + { + addr = "0.0.0.0"; + port = config.server.cloud.nextcloud.port; + } + ]; + "${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}" = + if config.server.cloud.nextcloud.public then + { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.server.cloud.nextcloud.port}"; + }; + } + else + { }; + }; + }; + }; + systemd.services."nextcloud-setup" = { + requires = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; + }; + }; +} diff --git a/modules/server/default.nix b/modules/server/default.nix index ac8d491..346842d 100644 --- a/modules/server/default.nix +++ b/modules/server/default.nix @@ -7,6 +7,11 @@ { imports = [ - ./docker + ./arr + ./cloud + ./media + ./misc + ./social + ./nginx.nix ]; } diff --git a/modules/server/docker/default.nix b/modules/server/docker/default.nix deleted file mode 100644 index 60b6656..0000000 --- a/modules/server/docker/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -{ - programs = { - lazydocker = { - enable = true; - }; - }; -} diff --git a/modules/server/media/default.nix b/modules/server/media/default.nix new file mode 100644 index 0000000..876a42d --- /dev/null +++ b/modules/server/media/default.nix @@ -0,0 +1,13 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + imports = [ + ./jellyfin.nix + ./navidrome.nix + ]; +} diff --git a/modules/server/media/jellyfin.nix b/modules/server/media/jellyfin.nix index 71badce..67c4eab 100644 --- a/modules/server/media/jellyfin.nix +++ b/modules/server/media/jellyfin.nix @@ -11,64 +11,67 @@ enable = lib.mkEnableOption "enable jelyfin"; port = lib.mkOption { default = 8096; - description = "set jellyfin port" + description = "set jellyfin port"; }; - public = { - enable = lib.mkEnableOption "make jellyfin public"; - subdomain = lib.mkOption { - default = "watch"; - description = "set jellyfin subdomain"; - }; + public = lib.mkEnableOption "make jellyfin public"; + subdomain = lib.mkOption { + default = "watch"; + description = "set jellyfin subdomain"; }; }; jellyseer = { enable = lib.mkEnableOption "enable jellyseer"; port = lib.mkOption { default = 8097; - description = "set jellyseer port" + description = "set jellyseer port"; }; - public = { - enable = lib.mkEnableOption "make jellyseer public"; - subdomain = lib.mkOption { - default = "jellyseer"; - description = "set jellyseer subdomain"; - }; + public = lib.mkEnableOption "make jellyseer public"; + subdomain = lib.mkOption { + default = "jellyseer"; + description = "set jellyseer subdomain"; }; }; }; config = { - environment.systemPackages = config.server.jellyfin.enable [ - pkgs.jellyfin - pkgs.jellyfin-web - pkgs.jellyfin-ffmpeg - ]; + environment.systemPackages = + [ ] + ++ ( + if config.server.jellyfin.enable then + [ + pkgs.jellyfin + pkgs.jellyfin-web + pkgs.jellyfin-ffmpeg + ] + else + [ ] + ); services = { jellyfin = lib.mkIf config.server.jellyfin.enable { enable = true; }; - jellyseer = lib.mkIf config.server-jellyseer.enable { + seerr = lib.mkIf config.server.jellyseer.enable { enable = true; }; nginx.virtualHosts = { - "${config.server.jellyfin.public.subdomain}.${config.domain}" = - lib.mkIf config.server.jellyfin.public.enable - { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${config.server.jellyfin.port}"; + "${config.server.jellyfin.subdomain}.${config.networking.domain}" = + lib.mkIf config.server.jellyfin.public + { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${config.server.jellyfin.port}"; + }; }; - }; - "${config.server.jellyseer.public.subdomain}.${config.domain}" = lib.mkIf config.server.jellyfin.public.enable { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${config.server.jellyseer.port}"; + "${config.server.jellyseer.subdomain}.${config.networking.domain}" = + lib.mkIf config.server.jellyfin.public + { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${config.server.jellyseer.port}"; + }; }; - }; - }; - }; }; }; }; diff --git a/modules/server/media/navidrome.nix b/modules/server/media/navidrome.nix new file mode 100644 index 0000000..5a14f42 --- /dev/null +++ b/modules/server/media/navidrome.nix @@ -0,0 +1,66 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options = { + server.media.navidrome = { + enable = lib.mkEnableOption "enable navidrome"; + port = lib.mkOption { + default = 4533; + description = "navidrome port"; + }; + public = lib.mkEnableOption "make navidrome public"; + subdomain = lib.mkOption { + default = "music"; + description = "navidrome subdomain"; + }; + }; + }; + config = { + services = { + navidrome = { + enable = config.server.media.navidrome.enable; + user = config.user.userName; + group = "users"; + settings = { + Address = "0.0.0.0"; + Port = config.server.media.navidrome.port; + MusicFolder = "/mnt/Data/Media/Music"; + Agents = "lastfm"; + AlbumPlayCountMode = "normalized"; + EnableDownloads = true; + EnableFavourites = true; + EnableNowPlaying = true; + EnableStarRating = true; + EnableUserEditing = true; + LastFM.Enabled = true; + LastFM.Language = "en"; + LastFM.ScrobbleFirstArtistOnly = false; + ListenBrainz.Enabled = true; + Scanner.Enabled = true; + Scanner.Schedule = "1h"; + Subsonic.ArtistParticipations = true; + }; + }; + nginx = { + virtualHosts = { + "${config.server.media.navidrome.subdomain}.${config.networking.domain}" = + if config.server.media.navidrome.public then + { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.server.media.navidrome.port}"; + }; + } + else + { }; + }; + }; + }; + }; +} diff --git a/modules/server/misc/dawarich.nix b/modules/server/misc/dawarich.nix new file mode 100644 index 0000000..0282085 --- /dev/null +++ b/modules/server/misc/dawarich.nix @@ -0,0 +1,34 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options = { + server.misc.dawarich = { + enable = lib.mkEnableOption "enable dawarich"; + port = lib.mkOption { + default = 2975; + description = "dawarich port"; + }; + public = lib.mkEnableOption "make dawarich public"; + subdomain = lib.mkOption { + default = "dawarich"; + description = "dawarich subdomain"; + }; + }; + }; + config = { + services.dawarich = { + enable = config.server.misc.dawarich.enable; + webPort = config.server.misc.dawarich.port; + localDomain = + if config.server.misc.dawarich.public then + "${config.server.misc.dawarich.subdomain}.${config.networking.domain}" + else + config.networking.hostName; + }; + }; +} diff --git a/modules/server/misc/default.nix b/modules/server/misc/default.nix new file mode 100644 index 0000000..ff10566 --- /dev/null +++ b/modules/server/misc/default.nix @@ -0,0 +1,14 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + imports = [ + ./dawarich.nix + ./forgejo.nix + ./lauti.nix + ]; +} diff --git a/modules/server/misc/forgejo.nix b/modules/server/misc/forgejo.nix new file mode 100644 index 0000000..073a104 --- /dev/null +++ b/modules/server/misc/forgejo.nix @@ -0,0 +1,72 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + options = { + server.misc.forgejo = { + enable = lib.mkEnableOption "enable forgejo"; + port = lib.mkOption { + default = 2934; + description = "forgejo port"; + }; + public = lib.mkEnableOption "public forgejo"; + subdomain = lib.mkOption { + default = "git"; + description = "forgejo subdomain"; + }; + settings = { + app_name = lib.mkOption { + default = "${config.user.userName}'s code dump"; + description = "forgejo app name"; + }; + app_slogan = lib.mkOption { + default = "if code could talk, mine would cry"; + description = "forgejo app slogan"; + }; + }; + }; + }; + config = { + services = { + forgejo = { + enable = config.server.misc.forgejo.enable; + database.type = "postgres"; + settings = { + server = { + DOMAIN = "${config.server.misc.forgejo.subdomain}.${config.networking.domain}"; + ROOT_URL = "https://${config.server.misc.forgejo.subdomain}.${config.networking.domain}"; + HTTP_PORT = config.server.misc.forgejo.port; + }; + DEFAULT = { + APP_NAME = config.server.misc.forgejo.settings.app_name; + APP_SLOGAN = config.server.misc.forgejo.settings.app_slogan; + }; + REPOSITORY = { + ENABLE_PUSH_CREATE_USER = true; + ENABLE_PUSH_CREATE_ORG = true; + + }; + service.DISABLE_REGISTRATION = true; + }; + }; + nginx = { + virtualHosts = { + "${config.server.misc.forgejo.subdomain}.${config.networking.domain}" = + if config.server.misc.forgejo.public then + { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.server.misc.forgejo.port}"; + }; + } + else + { }; + }; + }; + }; + }; +} diff --git a/modules/server/misc/lauti.nix b/modules/server/misc/lauti.nix new file mode 100644 index 0000000..d16f821 --- /dev/null +++ b/modules/server/misc/lauti.nix @@ -0,0 +1,54 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + options = { + server.misc.lauti = { + enable = lib.mkEnableOption "enable lauti"; + port = lib.mkOption { + default = 3333; + description = "lauti port"; + }; + public = lib.mkEnableOption "make lauti public"; + subdomain = lib.mkOption { + default = "lauti"; + description = "lauti subdomain"; + }; + }; + }; + config = { + services = { + lauti = { + enable = config.server.misc.lauti.enable; + settings = { + LAUTI_ADMIN_EMAIL = "lauti@${config.networking.domain}"; + LAUTI_BASE_URL = "https://${config.server.misc.lauti.subdomain}.${config.networking.domain}"; + LAUTI_OSM_TILE_CACHE_DIR = "/var/lib/lauti/osm"; + LAUTI_OSM_TILE_SERVER = "https://tile.openstreetmap.org/{z}/{x}/{y}.png"; + LAUTI_TIMEZONE = "Europe/Berlin"; + LAUTI_LANGUAGE = config.console.keyMap; + }; + secrets = [ /home/${config.user.userName}/secrets/lauti ]; + }; + nginx = { + virtualHosts = { + "${config.server.misc.lauti.subdomain}.${config.networking.domain}" = + if config.server.misc.lauti.public then + { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.server.misc.lauti.port}"; + }; + } + else + { }; + }; + }; + }; + }; +} diff --git a/modules/server/nginx.nix b/modules/server/nginx.nix index 095b958..0f00b82 100644 --- a/modules/server/nginx.nix +++ b/modules/server/nginx.nix @@ -6,20 +6,6 @@ }: { - options = { - domain = lib.mkOption { - default = "marty.tf"; - description = "set domain name"; - }; - email = lib.mkOption { - default = "${config.user.userName}@${config.domain}"; - description = "set email"; - }; - nginx = { - - }; - }; - config = { users = { users = { @@ -50,7 +36,7 @@ security = { acme = { acceptTerms = true; - defaults.email = config.email; + defaults.email = config.user.email; }; }; }; diff --git a/modules/server/social/default.nix b/modules/server/social/default.nix new file mode 100644 index 0000000..f45a66e --- /dev/null +++ b/modules/server/social/default.nix @@ -0,0 +1,13 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + imports = [ + ./gotosocial.nix + ./synapse.nix + ]; +} diff --git a/modules/server/social/gotosocial.nix b/modules/server/social/gotosocial.nix new file mode 100644 index 0000000..7e15266 --- /dev/null +++ b/modules/server/social/gotosocial.nix @@ -0,0 +1,64 @@ +{ + config, + pkgs, + inputs, + lib, + ... +}: +{ + options = { + server.social.gotosocial = { + enable = lib.mkEnableOption "enable gotosocial"; + port = lib.mkOption { + default = 8008; + description = "gotosocial port"; + }; + public = lib.mkOption { + default = true; + description = "public gotosocial"; + }; + subdomain = lib.mkOption { + default = "fedi"; + description = "gotosocial subdomain"; + }; + }; + }; + config = { + services = { + gotosocial = { + enable = config.server.social.gotosocial.enable; + settings = { + application_name = "The Martyverse"; + host = "${config.server.social.gotosocial.subdomain}.${config.networking.domain}"; + bind-address = "127.0.0.1"; + port = config.server.social.gotosocial.port; + protocol = "https"; + landing-page-user = "${config.user.userName}"; + db-address = "/home/${config.user.userName}/gotosocial/storage/sqlite.db"; + storage-local-base-path = "/home/${config.user.userName}/gotosocial/storage"; + db-type = "sqlite"; + accounts-allow-custom-css = true; + accounts-registration-open = true; + accounts-reason-required = true; + accounts-registration-backlog-limit = 20; + }; + }; + nginx = { + virtualHosts = { + "${config.server.social.gotosocial.subdomain}.${config.networking.domain}" = + if config.server.social.gotosocial.public && config.server.social.gotosocial.enable then + { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.server.social.gotosocial.port}"; + proxyWebsockets = true; + }; + } + else + { }; + }; + }; + }; + }; +} diff --git a/modules/server/social/synapse.nix b/modules/server/social/synapse.nix new file mode 100644 index 0000000..e734ae1 --- /dev/null +++ b/modules/server/social/synapse.nix @@ -0,0 +1,117 @@ +{ + config, + lib, + pkgs, + ... +}: + +let + fqdn = "${config.server.synapse.subdomain}.${config.networking.domain}"; + baseUrl = "https://${fqdn}"; + clientConfig."m.homeserver".base_url = baseUrl; + serverConfig."m.server" = "${fqdn}:443"; + mkWellKnown = data: '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON data}'; + ''; +in + +{ + options = { + server.synapse = { + enable = lib.mkEnableOption "enable synapse"; + subdomain = lib.mkOption { + default = "yap"; + description = "synapse subdomain"; + }; + port = lib.mkOption { + default = 8008; + description = "synapse port"; + }; + }; + }; + config = { + services = + if config.server.synapse.enable then + { + postgresql.enable = true; + matrix-synapse = { + enable = true; + configureRedisLocally = true; + extras = [ + "cache-memory" # Provide statistics about caching memory consumption + "jwt" # JSON Web Token authentication + "oidc" # OpenID Connect authentication + "postgres" # PostgreSQL database backend + "redis" # Redis support for the replication stream between worker processes + #"saml2" # SAML2 authentication + "sentry" # Error tracking and performance metrics + "systemd" # Provide the JournalHandler used in the default log_config + "url-preview" # Support for oEmbed URL previews + ]; + settings = { + url_preview_enabled = true; + server_name = "${config.networking.domain}"; + public_baseurl = baseUrl; + media_store_path = "/mnt/Data/Matrix/Media"; + max_upload_size = "10G"; + enable_registration = false; + registration_shared_secret = ""; + generic = { + enabled = true; + outbound = true; + urlPrefix = "https://https://yap.marty.tf/webhooks/"; + allowJsTransformationFunctions = false; + waitForComplete = false; + enableHttpGet = false; + }; + listeners = [ + { + port = config.server.synapse.port; + bind_addresses = [ "127.0.0.1" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ + "client" + "federation" + ]; + compress = true; + } + ]; + } + ]; + }; + }; + nginx = { + virtualHosts = { + "${config.networking.domain}" = { + enableACME = true; + forceSSL = true; + locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; + }; + "${config.server.synapse.subdomain}.${config.networking.domain}" = { + enableACME = true; + forceSSL = true; + locations = { + "~ ^(/_matrix|/_synapse/client|/)" = { + proxyPass = "http://127.0.0.1:${toString config.server.synapse.port}"; + proxyWebsockets = true; + extraConfig = + "proxy_set_header X-Forwarded-For $remote_addr;" + + "proxy_set_header X-Forwarded-Proto $scheme;" + + "proxy_set_header Host $host:$server_port;"; + }; + }; + }; + }; + }; + } + else + { }; + }; +} diff --git a/modules/system/bluetooth.nix b/modules/system/bluetooth.nix new file mode 100644 index 0000000..f622913 --- /dev/null +++ b/modules/system/bluetooth.nix @@ -0,0 +1,13 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + environment.systemPackages = with pkgs; [ + bluez + bluetuith + ]; +} diff --git a/modules/system/default.nix b/modules/system/default.nix index 2b0bc73..ec97afe 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -7,12 +7,13 @@ { imports = [ + ./bluetooth.nix ./boot.nix ./git.nix ./shell.nix ./networking.nix ./localization.nix - ./fira-code.nix + ./fonts.nix ./nixos-cli.nix ./ssh.nix ]; diff --git a/modules/system/fira-code.nix b/modules/system/fonts.nix similarity index 100% rename from modules/system/fira-code.nix rename to modules/system/fonts.nix diff --git a/modules/system/networking.nix b/modules/system/networking.nix index 60891ae..797a867 100644 --- a/modules/system/networking.nix +++ b/modules/system/networking.nix @@ -1,42 +1,59 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + lib, + ... +}: { - networking = { - domain = "maty.tf"; - networkmanager.enable = true; - firewall = { - enable = true; - allowedUDPPorts = [ - config.services.tailscale.port - 53317 - 16261 - 16262 - ]; - allowedTCPPorts = [ - 53317 - 16261 - 16262 - ]; - trustedInterfaces = [ "tailscale0" ]; + options = { + system.hostname = lib.mkOption { + default = "${config.user.userName}-device"; + description = "hostname"; }; }; - services = { - tailscale = { - enable = true; - extraSetFlags = [ - "--ssh" - ]; + config = { + networking = { + domain = "marty.tf"; + hostName = config.system.hostname; + networkmanager.enable = true; + firewall = { + enable = true; + allowedUDPPorts = [ + config.services.tailscale.port + 53317 + 16261 + 16262 + ]; + allowedTCPPorts = [ + 53317 + 16261 + 16262 + ]; + trustedInterfaces = [ "tailscale0" ]; + }; }; - }; - hardware = { - bluetooth = { - enable = true; - powerOnBoot = true; - settings = { - General = { - Experimental = true; + services = { + tailscale = { + enable = true; + extraSetFlags = [ + "--ssh" + ]; + }; + }; + hardware = { + bluetooth = { + enable = true; + powerOnBoot = true; + settings = { + General = { + Experimental = true; + }; }; }; }; + environment.systemPackages = with pkgs; [ + oniux + ]; }; }